Russian hackers infiltrated servers of CNET by the name of W0rm and the Twitter handle @rev-priv8, who "posted an image of remote access to a CNET.com server, with a screenshot of a shell proving a compromise of the site".

CNET would not comment on the nature of the attack or what information was compromised, they have just communicated that they have fixed the problem.

"The image posted on Twitter would indicate the hacker could access and upload files to the website. It's pretty difficult to say how they did it, though. One source suggested it was likely a content management system breach - something like a WordPress or Joomla exploit".

One Mile Automotive is notifying customers of a data breach of one of their third party vendors, Trade Motion who operates automobile websites and has notified One Mile Automotive that this breach could have included personal information of some of its customers.

"City of Encinitas and San Dieguito Water District recently were made aware that a Cal-PERS payment document containing Social Security numbers with corresponding employee and former employee names had inadvertently been made accessible to the public on the City’s website on or about May 13, 2014 to July 3, 2014. Based on our research, we found the exposure has been limited to (16) people that accessed the document during that period."

The document contained information of employees and former employees who were enrolled in Cal-PERS during the following timeframes:

The city of Encinitas is offering 1 year free membership of Protect MyID Alert from Consumer Info.com by Experian.

For those affected with questions contact Courtney Barrett at 760-633-2631 or Jace Schwarm at 760-633-2636.

Information Source:
California Attorney General

records from this breach used in our total:
0

July 15, 2014

Bank of The WestSan Francisco, California

BSF

HACK

Unknown

Bank of The West notified customers of an email scam that involved two employees' remote bank email login credentials being compromised. As a result of this unauthorized access, customer information could be at risk.

The bank is offering one year free of First Watch ID for those affected. For those with questions regarding the service they can call 1-866-310-7373 or 1-800-488-2265.

Information Source:
California Attorney General

records from this breach used in our total:
0

July 16, 2014

Central City ConcernPortland, Oregon

NGO

DISC

15

Central City Concern in Oregon suffered a data breach when an unauthorized access resulted in the breach of clients data.

"On April 2, 2014, a federal law enforcement official notified Central City Concern that a former Central City Concern employee has been accused of improperly copying information from approximately 15 Central City Concern clients from its Employment Access Center (EAC) program with the intent of processing fraudulent tax returns in their names".

The information breached included names, dates of birth, Social Security numbers, addresses, and health information of EAC clients.

Client inquiries regarding this incident may be directed to 866-778-1144866-778-1144, Monday through Friday from 6:00 AM to 6:00 PM Pacific Time.

Bay Area Pain Medical Associates have notified patients of a data breach when several of their desktop computers were stolen.

There were approximately 2,780 patients first and last names, number of years the patients had been seen at their practice. The are reporting that the computer data was encrypted and inaccessible, there was an Excel spreadsheet that containing this information that could have possibly been accessed. No Social Security numbers, dates of birth, financial information, contact information or medical information was exposed.

The facility is offering 12 months free of AllClearID. Those affected can call 1-877-579-2269.

Information Source:
California Attorney General

records from this breach used in our total:
0

July 16, 2014

Apple Valley Christian Care CenterApple Valley, California

MED

DISC

500

Apple Valley Christian Care Center has notified individuals of a security breach of their system when a "technical glitch" occurred. The center communicated that the compromised data varied greatly.

The information included Social Security numbers, dates of birth, home addresses, dates of stays, Medi-Cal ID numbers, Medicare ID numbers, and/or other insurance information such as Medi-Cal appeals, diagnosis codes, treatment information and medical history.

Information Source:
PHIPrivacy.net

records from this breach used in our total:
500

July 16, 2014

Douglas County School DistrictCastle Rock, Colorado

EDU

PORT

Unknown

Douglas County School District notified employees of a data breach of their personal information when a laptop containing their personal information was stolen.

In a letter sent to district employees, the district stated that the stolen computer contained some workers' Social Security numbers and bank
account information.

The district is currently investigating the breach.

Information Source:
Media

records from this breach used in our total:
0

July 17, 2014

Total BankMiami, Florida

BSF

HACK

72,500

Total Bank, a subsidiary
of Banco Popular that has 21 locations in South Florida, is notifying
72,500 customers that their account information was potentially exposed
after an unauthorized third party gained access to the bank's computer
network.

Information obtained by this unauthorized third party included names, addresses, account numbers, account balances, Social Security numbers and driver's license numbers.

The bank is offering 12 months free of credit monitoring services for those that were affected.

Information Source:
Media

records from this breach used in our total:
72,500

July 17, 2014

Bank of AmericaBaltimore, Maryland

BSF

DISC

Unknown

Aon Hewitt, a human resources benefits service provider for Bank of America, was made aware that a vendor's former employee (Hexaware) sent a copy of certain files and inadvertently uploaded them to an FTP site.

The file contained names and Social Security numbers.

Information Source:
Maryland Attorney General

records from this breach used in our total:
0

July 17, 2014

FreshologyBurbank, California

BSR

HACK

Unknown

Only July 1, 2014 Freshology was performing a routine review of its Internet website and discovered unauthorized code. This code may have compromised billing names, addresses and credit/debit card information of customers.

Information Source:
New Hampshire Attorney General

records from this breach used in our total:
0

July 18, 2014

Penn Medicine RittenhousePhiladelphia, Pennsylvania

MED

PHYS

661

Penn Medicine had to announce a data breach involving receipts that were stolen last month from a locked office in Pennsylvania Hospital.

The information on the receipts included combinations of patient names, dates of birth and the last four digits of credit card numbers.

Information Source:
Media

records from this breach used in our total:
0

July 21, 2014

Dominion Resources Inc.Richmond, Virginia

BSO

HACK

1,700

Personal information of more than 1,700 people at Dominion Resources Inc. were compromised when unauthorized parties hacked the employee wellness plan. The hacker gained access via a subcontractor's system, StayWell Health Management LLC who runs Dominions "Well on Your Way" program which includes a health screening, to gain the information hacked.

The hacking actually occurred at a vendor Stay Well uses, Onsite Health Diagnostics, based in Irvine, Texas, that provideds the sign-up mechanism for "Well on Your Way's" health-screening appointments.

The information included individuals' names, addresses, email addresses, phone numbers, gender and dates of birth of employees, spouses and domestic partners who went online to schedul a health-screening appointment going back to 2012.

"Dominion Resources said the company was notified of the breach on June 24 but didn't learn the identities of those affected until July 7th. Dominion Resources is investigating why it took so long for the company to be notified. They are no longer using Onsite Health Diagnostics for scheduling".

Information Source:
Media

records from this breach used in our total:
0

July 22, 2014

Vice.comBrooklyn, New York

BSO

HACK

Unknown

Reportedly a "Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site Vice.com and The Wall Street Journal website, and would sell each stolen database for Bitcoin."

The company has communicated that a hacker was able to access a list of Vice.com CMS users. This list included email addresses and hashed passwords. The company communicated that they since have patched the vulnerablity.

Information Source:
Media

records from this breach used in our total:
0

July 23, 2014

Wall Street JournalNew York, New York

BSO

HACK

Uknown

The Wall Street Journal was compromised by a Russian hacker who posted images of a list of user accounts claiming they were from the Wall Street Journal. The Wall Street Journal claimed they had an intrusion but that no data was affected.

The information has yet to be confirmed that it was from the Wall Street Journal, however the same type of intrusion was recently confirmed when this same hacker claimed an intrusion to CNET.

Information Source:
Media

records from this breach used in our total:
0

July 28, 2014

Backcountry GearEugene, Oregon

BSR

HACK

Unknown

Backcountry Gear notified customers of a data breach with a server that handles credit card information. The company discovered malware that was put onto their server that was able to gain customer names, addresses, purchase information, and credit card/debit card information.

The company has stated they do not collect pin numbers or bank account numbers in a transaction so those would not have been compromised in the breach.

The Northern Trust Company communicated a data breach to customers that involved their personal information. Northern Trust Company "provides or previously provided payment services for an employee benefits plan or program in which you participate or participated through. In that capacity, Northern Trust is responsible for maintaining certain personal information about you as a participant of that plan. Regrettably, we are writing to inform you about an inadvertent disclosure by Northern Trust of some of that information".

"As part of normal procedures, Northern Trust sends participant information to record-keeping companies that assist in administering those benefit plans and programs. In late May, a Northern Trust employee transmitted a file containing your information to one of our record-keeping companies that was not responsible for the plan in which you participate (d). The information included your name, address, Social Security number, and benefits plan or program account number, as well as other information about your benefits plan or program account, such as your payment /deduction amounts and, in some situations, bank routing and account numbers used for direct deposits".

Information Source:
California Attorney General

records from this breach used in our total:
0

July 30, 2014

CVS/CaremarkAtlanta, Georgia

BSR

DISC

350

As reported by a local news station in Atlanta Georgia reported a breach by CVS/Caremark when a mailing went out to CVS Caremark customers offering a switch to a
90-day prescription supply.

Unfortunately the mailings
went out to the wrong addresses. "CVS Caremark is in the process of notifying the affected members that
due to a programming error, letters intended for fewer than 350 plan
members were sent to incorrect addresses".

The company said they sent the mailings July 15 and fixed the error after getting complaints. The information exposed were individual names, addresses and what prescriptions the individuals were on.

Information Source:
Media

records from this breach used in our total:
0

July 30, 2014

Rite Aid PharmacyMilton , Washington

BSR

PHYS

521

Rite Aid Pharmacy in Milton Washington notified customer of a data breach, when someone stole a" stack of expired prescription records from a Rite Aid pharmacy in Milton, the company announced Wednesday".

"The records did not contain Social Security numbers or credit card
numbers, and there has been no sign of resulting identity theft",
spokeswoman Ashley Flower said.

The theft occurred on June 30 when a burglar entered a back room where the records were stored.

"Flower said 521 customers were notified of the theft via mail. She
did not know how many records were stolen. The affected customers were
offered a free identity theft consultation".

Those who were affected can contact Kroll Inc. at 855-269-6547 or Rite Aid at 800-RITE-AID.

Lasko Group Inc. announced a data breach of customers who purchased on-line parts from them and Air King America Inc. Both companies were the victims of "phishing" emails from an unknown third party. These fraudulent emails led to unauthorized access to their computer network.

The company is offering AllClearID protect your identity for one year at no cost to those affected. For those who are affected they can sign-up by calling 1-866-979-2595 or at enroll.allclearid.com. The company has also established a confidential assistance line for questions or concerns at 1-877-218-0052 from 9:00 a.m. to 7:00 p.m. EST.

Information Source:
California Attorney General

records from this breach used in our total:
0

July 31, 2014

Recreational Equipment Inc. (REI)Kent, Washington

BSR

HACK

Unknown

On July 23, REI discovered that a third-party may have accessed REI customer accounts without authorization obtaining email addresses and passwords.

For those affected who have further questions about this incident, please contact them at privacy@rei.com or 1-800-426-48401-800-426-4840 Monday through Sunday 4 a.m. to 11 p.m. Pacific Time.

Vibrum USA Inc had notified customers of a data breach in their online ordering system. The compay contracts with a third party web hosting provider vibramfivefinger.com whose systems were compromised when an unauthorized party accessed their system that manages online transactions and inserted malicious code.

The information that may have been compromised included credit card numbers.

The company has set up credit monitoring services through Experian. Those affected can call 1-877-371-7902

Information Source:
California Attorney General

records from this breach used in our total:
0

August 5, 2014

Russian hacking discovered by Hold SecurityUnknown, Wisconsin

BSO

HACK

1 billion

"A gang of Russian hackers has amassed over 1 billion username and
password combinations and more than 500 million email addresses, a
security firm reported late Tuesday, calling it the largest-ever haul of
stolen Internet credentials.

The massive trove — stolen from
hundreds of thousands of websites — was discovered by the Milwaukee firm
Hold Security, according to a post on its website".

According to reports by Hold Security, it took over seven months to identify the gang, "whom the firm dubbed CyberVor, or
cyber-thief in Russian".

It appears that no payment card information or Social Security numbers were threatened.

PRC will provide updates as the story unfolds.

*note: state location provided is that of Hold Security LLC.

Information Source:
Media

records from this breach used in our total:
0

August 7, 2014

University California Santa BarbaraSanta Barbara, California

EDU

HACK

Unknown

The University California Santa Barbara has notified unauthorized
access to some archival payroll data that included names, social
security numbers and direct deposit banking information.

The University
has contracted with ID Experts to provide free credit monitoring
service, and insurance for identity theft restoration.

If
you need assistance enrolling or have additional questions, the
University is requesting individuals call the UCSB / ID Experts team at
1-877-919-9184, between the hours of 6:00 am and 6:00 pm Pacific Time.

When the retail agents requested an estimate through this online system, specific information regarding their customers was necessary to obtain the quote/estimate. Information such as first and last names, addresses, policy dates, policy numbers, premium costs, policy amounts, types of policies, dates of birth, all real estate owned and addresses, types of automobiles, other motorized equipment such as watercraft, occupations of both individuals and spouses, employer names and addresses, general information such as traffic violations, etc.

The company is offering identity theft protection through Kroll for one year at no cost. Those affected can call 1-844-263-8605.

Information Source:
California Attorney General

records from this breach used in our total:
0

August 7, 2014

San Mateo Medical CenterSan Mateo, California

MED

INSD

Unknown

San Mateo Medical Center (SMMC) notified individuals of a potential data breach when the facility discovered that an employee who was hired in the payroll unit of the facility failed to disclose a prior conviction for identity theft.

The employee was terminated immediately, but the individual had access to SMMC employee information including names, contact information, Social Security numbers and dates of birth.

The facility reported that they found "no evidence indicating that the employee misused confidential information from SMMC employee records".

SMMC has engaged Kroll to provide identity theft protection for one year at no cost. For those affected they can contact the county at 1-844-530-4127 from 6:00 a.m. to 3:00 p.m. PDT.

Information Source:
California Attorney General

records from this breach used in our total:
0

August 12, 2014

Freedom Management Group, LLC dba The NaturalHauppauge, New York

BSR

HACK

Unknown

The Natural, an online store, notified customers of a data breach to their system when an unauthorized party accessed customer payment card data. The unauthorized access occurred from 4/22/2014 to 7/17/2014.

The company has recommended that those affected change their online passwords to their online account. The company is offering AllClear ID at no cost for 12 months. For those affected they may contact the AllClear ID team at 1-877-615-3771.

Information Source:
California Attorney General

records from this breach used in our total:
0

August 12, 2014

Orthopaedic Specialty Institute Medical GroupOrange, California

MED

PHYS

49,000

Orthopaedic Specialty Institute Medical Group has reported a data breach when it was discovered that 742 boxes of patient X-rays were stolen from an Iron Mountain Record Management storage facility. After an investigation by the authorities, it was discovered that two Iron Mountain Record Management employees stole the files and melted them down for the silver.

The information in the records, which are 10 to 15 years old, and could have included patient names, birth dates and medical record numbers.

For those who might have been affected they can call the medical group at 1-714-937-48251-714-937-4825.

The Albertsons grocery chain in Southern California announced a data breach when hackers attempted to
obtain customer credit and debit card information from its approximately
180 Southern California stores, as well as stores in several other states.

AB Acquisition LLC which operates Albertson stores, ACME Markets,
Jewel-Osco, Shaw’s and Star Markets all under New Albertson’s, Inc. confirmed that the data breach started as early as June 22, 2014 and ended July 17, 2014.

"Albertson stores in Idaho, Montana, North Dakota, Nevada, Oregon,
Washington, Wyoming and southern Utah were also affected. In addition, ACME Markets in Pennsylvania, Maryland, Delaware and New
Jersey; Jewel-Osco stores in Iowa, Illinois and Indiana; and Shaw’s and
Star Markets stores in Maine, Massachusetts, Vermont, New Hampshire and
Rhode Island were all impacted by this incident".

The company is offering customers who may have been affected by
the breach a year of complimentary identity-protection services. For
more information, customers can call (877) 932-7948 or visit Albertsons'
website.

Supervalu, which operates 3,763 outlets, both corporate and franchised stores, has reported a data breach in their point-of-sale system which affected some of its retail food stores, along with several of its stand-alone liquor stores.
The information compromised includes account numbers and other information on customer payment cards used at the point-of-sale systems. The data breach occurred from June 22, 2014 through July 17, 2014 according to company spokesperson.
The retail grocery chain has notified authorities and the breach is currently under investigation.

Community Health Systems out of Franklin Tennessee has announced a large data breach of their medical system. The breach occured when hackers infiltrated the server of the health system compromising Social Security numbers, names and addresses for 4.5 million patients. Authorities believe that the hackers were based out of China and the attacks happened from April 2014 through June 2014.

The company operates 206 hospitals in 29 states and is currently doing further investigations regarding the attack.

UPDATE (8/26/2014): Five Alabama residents have filed a class-action lawsuit against Community Health Systems following last week's announcement of the data breach of 4.5 million patients.

Information Source:
Media

records from this breach used in our total:
4,500,000

August 18, 2014

MeetMe, Inc.New Hope, Pennsylvania

BSO

HACK

Unknown

MeetMe, Inc. has announced a data breach of their system when hackers gained access to their customer information. The information included names, emails addresses, and passwords.

The company reported that they have contacted their customers to change their usernames and passwords.

Information Source:
California Attorney General

records from this breach used in our total:
0

August 20, 2014

The UPS StoreAtlanta, Georgia

BSR

HACK

Unknown

The UPS Store, Inc has notified customers of a data breach when they discovered malware in their systems targeting UPS retailers. UPS retained a security firm to review their systems and found malware at 51 locations in 24 states. UPS has a total of 4,470 franchised center locations within the US.

The company announced that both credit and debit card purchases were impacted at the franchised locations from January 20, 2014 through August 11, 2014. The company has since removed the malware from their system.

The US Investigations Services (USIS), a firm that performs background checks for U.S government employees had a breach in their data base. Cyber criminals were able to hack their system to gain personal information on employees with the Department of Homeland Security, U.S Immigration and Customs Enforcement and U.S Customs and Border Protection units.

The information breached included Social Security numbers, education and criminal history, birth dates, information on spouses, other relatives and friends including names and addresses.

UPDATE (9/18/2014): "The Office of Personnel Management will not renew any of its contracts
with USIS, the major Falls Church, Va., contractor that provides the
bulk of background checks for federal security clearances and was the
victim of a recent cyberattack, officials confirmed Tuesday evening".

USIS conducted over 21,000 background checks per month for the US government and has been under scrutiny since the data breach in August.

UPDATE (11/14/2014) It appears that the breach affecting the Department of Homeland Security goes beyond just this US governmental agencies. The Ex-DHS official warns of more USIS breach victims and is warning that the breach likely affected other federal workers beyond DHS.

Information Source:
Media

records from this breach used in our total:
25,000

August 22, 2014

Cedars-Sinai Medical Center, Los AngelesLos Angeles, California

MED

PORT

33,136

Cedars-Sinai Medical Center in Los Angeles California has reported a data breach of at least 500 patients at the facility when an employees laptop computer was stolen from their home during a burglary in June 2014. The laptop was password protected.

The records on the laptop included specific patient data such as lab testing, treatment and diagnosis, Social Security numbers and other personal information.

UPDATE (10/3/2014): The data breach that occurred when an employee laptop was stolen, contained many more files than what was originally reported by the hospital. When the breach was made public, Cedars-Sinai hospital reported that 500 patient files were on the stolen laptop. After an investigation, the laptop actually contaned personal information on 33,136 patients.

ManagedMed Inc.(A Psychological Corporation) notified patients and the Attorney General's office of a data breach of their patient scheduling system.

According to the facility patient scheduling information was viewed via an unsecured webpage by at least two non-ManagedMed individuals. This information was visible from March, 2013 through May 15, 2014. The breach allowed unauthorized persons to access the facilities calendaring system and view the information.

This information included patient scheduling information, patient names, telephone numbers, names of providers, notes on the patient which could have included information on the type of visit scheduled or medication/test scheduled for the patient, and dates of appointments. According to the facility no SSN's, credit card or medical records information were exposed.

Information Source:
California Attorney General

records from this breach used in our total:
0

August 25, 2014

BioReference Laboratories, Inc./CareEvolve, Inc.Ann Arbor, Michigan

MED

DISC

3,334

CareEvolve Inc, a subsidiary of BioReference Laboratories, Inc. have notified patients of a data breach to their system that may have inadvertently exposed personal information of patients.

CareEvolve, Inc. was reconfiguring a test server and accidentally exposed the server, making it accessible via the Internet. This particular server included patient names, home addresses, telephone numbers, ages, patient/medical record numbers, clinical tests, collection dates, dates of birth and Social Security numbers (196 SSN's exposed according to CareEvolve Inc).

Automated search engine data mining applications did access this information starting on February 2, 2014 and ended when the breach was discovered on March 19, 2014.

The Hand Care Center/Shoulder and Elbow Institute in Orange California notified patients of data breach when they were notified by Iron Mountain Record Management, a facility where the medical practice stores old files, that 25 boxes of X-rays were stolen by two employees of the storage company. The employees sold the X-rays to a recycler who melted them down to recover the silver.

The information in the X-ray files included patient names, dates of birth, gender, treating physician, medical record numbers and the image on the X-ray itself.

For those possibly affected, they can call the center at 1-877-615-3762. The center is reporting that any X-rays taken after 2002 were most likely not affected.

Information Source:
PHIPrivacy.net

records from this breach used in our total:
0

August 26, 2014

Long Beach Internal Medical GroupLong Beach, California

MED

PHYS

Unknown

The Long Beach Internal Medical Group, Inc. in Long Beach
California notified patients of data breach when they were notified by
Iron Mountain Record Management, a facility where the medical practice
stores old files, that boxes of records were stolen by two employees
of the storage company. Reportedly the employees sold X-rays files to a recycler who
melted them down to recover the silver.

Imhoff and Associates, a criminal defense lawfirm notified clients of a data breach when a backup hard drive was stolen from a locked trunk of an employee's vehicle.

The personal information contained on the backup hard drive may have included names, birth dates Social Security numbers, driver's license numbers, addresses, emails and phone numbers.

The firm is offering those affected 12 months of AllClear ID at no cost. Those individuals with questions can call 1-877-615-3769 to reach an AllClear ID representative, Monday through Saturday 8:00 a.m to 8:00 p.m Central Standard Time..

Information Source:
California Attorney General

records from this breach used in our total:
0

August 27, 2014

Dairy QueenEdina, Minnesota

BSR

HACK

Unknown

Dairy Queen has reported a data breach of their POS (Point of Sale) system when malware authorities are calling "Backoff" was found on the system. This same malware authorities are attributing to the Target and Supervalu Inc. data breaches. Currently the restaurant chain is unclear as to how many stores were affected.

Dairy Queen operates 6,300 restaurants across the US, many of which are franchisees that are not required to report fraud to Dairy Queens headquarters.

Currently Dairy Queen is working with authorities to uncover the specifics.

UPDATE:(9/10/2014): Dairy Queen has announced that several of its stores will go to a "cash only" model in lieu of the current data breach the fast food restaurant chain suffered.The company stated that only a small portion of its 4,500 stores were affected, but they would not say how many or which restaurants will be going to a cash only system.

UPDATE: (10/10/2014): On Thursday, Dairy Queen confirmed that 400 stores and one Orange Julius location were compromised as a result of the point of sale malware first reported back in August. The investigation also confirmed that the hackers used compromised credentials of a third party vendor to infiltrate Dairy Queen's POS system.

The FBI is investigating a sophisticated hacking attack on JP Morgan Chase and potentially seven other financial institutions. Originally it was reported that possibly one to four other institutions may have been affected, but it appears that the breach could be much larger than originally thought.

The hackers, who are reportedly Russian, gained enough personal information to completely wipe out bank accounts. The sophisticated and coordinated attacks go beyond the typical criminal hacker (s) according to authorities. Investigators are looking into the reasons behind the coordinated attack.

It appears that not only did the hackers gain access to the accounts, but also altered and possibly deleted information.

The attack appears to have been coordinated and directed at specific JP Morgan Chase employees to gain access to their computers and databases at the bank.

Experts are communicating that the hackers would have had to of spent a significant amount of time researching and studying the record system of the bank prior to attempting any kind of unauthorized access. "What was even more concerning is these hackers were able to modify records using high-level credentials and do it in a way that was undetected."

UPDATE (9/16/2014): After further investigation by authorities and Chase Bank, the breach they suffered isn't as severe as originally anticipated. The bank has confirmed that the hackers were able to gain access only to names, addresses and phone numbers, no financial or bank account information was accessed.

UPDATE (10/3/2014): The cyber attack JPMorgan Chase
& Co. faced this summer compromised personal information in much greater numbers than first reported. Originally the numbers reported were over 1 million affected customers. After an investigation, JP Morgan Chase reports that hackers gained access to data on more than 76 million account holders--names, addresses, phone numbers and emails. Information on an additional 7 million small businesses was obtained as well. "

"JPMorgan
Chase said that names, addresses, phone numbers and email addresses
were stolen from the company's servers, but only customers who use the
websites Chase.com and JPMorganOnline and the apps ChaseMobile and JPMorgan Mobile were affected".

AltaMed Health has notified patients of a data breach when a temporary employee and other individuals were reported to be under investigation for an identity theft scheme, according to Arcadia law enforcement agents. No arrests have been made currently, but the investigation is continuing.

"Law enforcement
disclosed it recovered a hard drive and other evidence during its
investigation, that this hard drive and evidence may include the
organization’s records, and that it believes this information may have
been misused by participants in the identity theft ring currently under
investigation".

The investigation has shown that this temporary employee accessed electronic and paper records for individuals that attended community events in Orange and Los Angeles counties from October 24, 2013 through June 6, 2014. The temporary employee was hired to help with patient enrollment.

The records this person had access to included names, email addresses, telephone numbers, Social Security numbers, provider
information, insurance information, dates of birth, and addresses.

AltaMed is offering AllClear ID and AllClear ID Pro for those individuals affected. You can find information regarding these services by calling (877) 579-2263

Beachwood-Lakewood Plastic Surgery and Dr. Stevem A. Golman, notified patients of a data breach when their office in the Parkway Medical complex were burglarized. The theives stole computer hardware that inlcuded patient information that included names and limited medical information.

The medical practice is offering you one year of credit monitoring at no cost. This
service is provided by All Clear ID.

If you have any questions or would like to enroll in the credit monitoring service, call 1-877-615-3745.

Information Source:
PHIPrivacy.net

records from this breach used in our total:
0

September 1, 2014

AppleCupertino, California

BSO

HACK

Unknown

Apple's iCloud service

"A few days ago a group calling themselves hackappcom posted a proof of
concept script on the popular code repository called Github that would
allow for a user to attempt to breach iCloud and access a user account.
This script would query iCloud services via the “Find My iPhone” API to
guess username and password combinations. The problem here was that
apparently Apple
was not limiting the number of queries. This allowed for attackers to
have numerous chances to guess password combinations without the fear of
being locked out".

The number of celebrity photos or private information breached is still unknown.

The Home Depot appears to be another victim of a data breach of their POS systems, reportedly by the same Russian hacking group that hit Target, Michaels, Neiman Marcus and P.F. Chang's.

Brian Krebs of Krebs on Security reported that a significantly large amount of debit and credit card information went up for sale on the underground cybercrime sites, all leading back to purchases made at Home Depot stores across the US.

Home Depot is currently investigating the potential breach. Updated postings will follow as more information comes in.

UPDATE (9/10/2014): The Home Depot has now confirmed that their credit card processing systems were compromised in 2,200 of its stores across the U.S and Canada. Currently, no information has been released as to the number of individuals affected. Authorities are predicting this could surpass the 40 million individuals affected by the Target hacking.

UPDATE (9/16/2014): "A group of attorneys general have opened a multistate investigation
into the recently confirmed data breach at Home Depot Inc."

Attorneys General in Connecticut, Illinois and California will be leading the investigation to uncover the cause of the data breach and how the retailer has handled the breach with their affected customers.

UPDATE (9/18/2014): The Home Depot has announced the data breach they suffered earlier this month has affected approximately 56 million credit and debit cards. This makes this breach the second largest breach ever, just behind TJX'x co's breach of 90 million records. The also announced that they see no evidence of any breach of their stores in Mexico or for those who shopped at their online store, HomeDepot.com.

UPDATE (9/26/2014): At least 15 law suits have been filed against The Home Depot for the recent data breach that occurred in US and Canadian stores. The lawsuit alleges that The Home Depot neglected to secure customers' financial and personal information. Most of the cases were filed by customers, however two credit unions and one bank have also filed suit.

UPDATE (9/29/2014): The Home Depot has posted a page on their website regarding the recent data breach, for consumers who were affected. This page will advise you on what to do and how to obtain information to take advantage of the free 12 month credit monitoring services. Make sure to scroll down past the photo.

UPDATE (11/14/2014): The Home Depot has now announced that on top of the 56 million customers who had financial information compromised in the breach, the hackers also made off with 53 million email addresses of customers as well.

UPDATE (11/25/2014): The Home Depot is facing 44 civil lawsuits in the U.S and Canada as a result of the data breach that occured across the organizations retail stores.

Currently the company "has been working to deploy EuroPay MasterCard Visa (EMV)
chip-and-pin security at each of its U.S. and Canadian stores. The
breach compromised the financial details of customers who shopped at any
of Home Depot's 2,266 stores in the U.S. and Canada".

Reportedly, Healthcare.gov has suffered a data breach to one of their test systems by hackers. Currently the Obama administration is communicating that no personal information was compromised, but authorities are investigating.

According to the administration, "“our review indicates that the server did not contain consumer personal
information, data was not transmitted outside the agency and the website
was not specifically targeted,” said Aaron Albright, a spokesman at the
Centers for Medicare and Medicaid Services, which runs the website. “We
have taken measures to further strengthen security.”"

"Mr.
Albright said the hacking was made possible by several security
weaknesses. The test server should not have been connected to the
Internet, he said, and it came from the manufacturer with a default
password that had not been changed.

In addition, he said, the server was not subject to regular security scans as it should have been".